Merged C2C Security Branch + Improvements
Security By Default on Objects bzr revid: fp@tinyerp.com-20080902213144-d95924bxmq8o3i0p
This commit is contained in:
commit
853b858a6c
|
@ -2,6 +2,7 @@
|
|||
##############################################################################
|
||||
#
|
||||
# Copyright (c) 2004-2008 Tiny SPRL (http://tiny.be) All Rights Reserved.
|
||||
# Copyright (c) 2008 Camptocamp SA
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
@ -37,6 +38,8 @@
|
|||
"init_xml" : [
|
||||
"base_data.xml",
|
||||
"base_menu.xml",
|
||||
"base_security.xml",
|
||||
"res/res_security.xml",
|
||||
],
|
||||
"demo_xml" : [
|
||||
"base_demo.xml",
|
||||
|
@ -44,6 +47,7 @@
|
|||
"res/partner/crm_demo.xml",
|
||||
],
|
||||
"update_xml" : [
|
||||
"ir.model.access.csv",
|
||||
"base_update.xml",
|
||||
"ir/wizard/wizard_menu_view.xml",
|
||||
"ir/ir.xml",
|
||||
|
@ -68,6 +72,3 @@
|
|||
"active": True,
|
||||
"installable": True,
|
||||
}
|
||||
|
||||
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
||||
|
||||
|
|
|
@ -148,9 +148,6 @@ CREATE TABLE res_users (
|
|||
);
|
||||
alter table res_users add constraint res_users_login_uniq unique (login);
|
||||
|
||||
insert into res_users (id,login,password,name,action_id,active) values (1,'root',NULL,'Root',NULL,False);
|
||||
select setval('res_users_id_seq', 2);
|
||||
|
||||
CREATE TABLE res_groups (
|
||||
id serial NOT NULL,
|
||||
name varchar(32) NOT NULL,
|
||||
|
@ -328,4 +325,9 @@ CREATE TABLE ir_model_data (
|
|||
res_id integer, primary key(id)
|
||||
);
|
||||
|
||||
|
||||
---------------------------------
|
||||
-- Users
|
||||
---------------------------------
|
||||
insert into res_users (id,login,password,name,action_id,active) values (1,'root','root','Root',NULL,True);
|
||||
insert into ir_model_data (name,module,model,noupdate,res_id) values ('user_root','base','res.users',True,1);
|
||||
select setval('res_users_id_seq', 2);
|
||||
|
|
|
@ -23,17 +23,6 @@
|
|||
<field eval="'[(\'parent_id\',\'=\',False)]'" name="domain"/>
|
||||
</record>
|
||||
|
||||
<record id="group_admin" model="res.groups">
|
||||
<field name="name">Administration/Administrator</field>
|
||||
</record>
|
||||
|
||||
<record id="group_extended" model="res.groups">
|
||||
<field name="name">Extended View</field>
|
||||
</record>
|
||||
<record id="group_no_one" model="res.groups">
|
||||
<field name="name">No One</field>
|
||||
</record>
|
||||
|
||||
<record id="lang_en" model="res.lang">
|
||||
<field name="code">en_US</field>
|
||||
<field name="name">English</field>
|
||||
|
@ -1309,7 +1298,7 @@
|
|||
<field name="accuracy">4</field>
|
||||
</record>
|
||||
<record id="rateVEB" model="res.currency.rate">
|
||||
<field name="rate">1.0</field>
|
||||
<field name="rate">3132.9</field>
|
||||
<field name="currency_id" ref="VEB"/>
|
||||
<field eval="time.strftime('%Y-01-01')" name="name"/>
|
||||
</record>
|
||||
|
@ -1498,17 +1487,5 @@
|
|||
<test expr="currency_id.code == 'eur'.upper()"/>
|
||||
<test expr="name">Tiny sprl</test>
|
||||
</assert>
|
||||
|
||||
<record id="user_admin" model="res.users">
|
||||
<field name="login">admin</field>
|
||||
<field name="password">admin</field>
|
||||
<field name="name">Administrator</field>
|
||||
<field name="signature">Administrator</field>
|
||||
<field name="action_id" ref="action_menu_admin"/>
|
||||
<field name="menu_id" ref="action_menu_admin"/>
|
||||
<field name="address_id" ref="main_address"/>
|
||||
<field eval="[(6,0,[group_admin])]" name="groups_id"/>
|
||||
<field name="company_id" ref="main_company"/>
|
||||
</record>
|
||||
</data>
|
||||
</terp>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<field name="menu_id" ref="action_menu_admin"/>
|
||||
<field name="address_id" ref="main_address"/>
|
||||
<field name="company_id" ref="main_company"/>
|
||||
<field name="groups_id" eval="('base.group_user')"/>
|
||||
</record>
|
||||
|
||||
</data>
|
||||
</terp>
|
||||
</terp>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<terp>
|
||||
<data>
|
||||
<menuitem groups="group_admin" icon="terp-administration" id="menu_administration" name="Administration" sequence="20"/>
|
||||
<menuitem icon="terp-administration" id="menu_administration" name="Administration" sequence="20"/>
|
||||
<menuitem id="menu_custom" name="Custom" parent="base.menu_administration" sequence="2"/>
|
||||
<menuitem id="menu_translation" name="Translations" parent="base.menu_administration" sequence="4"/>
|
||||
<menuitem id="menu_translation_app" name="Application Terms" parent="base.menu_translation" sequence="4"/>
|
||||
|
@ -9,7 +9,5 @@
|
|||
<menuitem id="menu_users" name="Users" parent="base.menu_administration" sequence="6"/>
|
||||
<menuitem id="menu_security" name="Security" parent="base.menu_administration" sequence="8"/>
|
||||
<menuitem id="menu_management" name="Modules Management" parent="base.menu_administration" sequence="10"/>
|
||||
|
||||
|
||||
</data>
|
||||
</terp>
|
||||
|
|
|
@ -1,662 +1,168 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<?xml version="1.0"?>
|
||||
<terp>
|
||||
<data noupdate="1">
|
||||
<record id="access_ui_menu" model="ir.model.access">
|
||||
<field name="name">UI menu</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.ui.menu')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_ui_menu_admin" model="ir.model.access">
|
||||
<field name="name">UI menu</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.ui.menu')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_act_window" model="ir.model.access">
|
||||
<field name="name">Act window</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_act_window_admin" model="ir.model.access">
|
||||
<field name="name">Act window</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions" model="ir.model.access">
|
||||
<field name="name">Actions</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.actions')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_admin" model="ir.model.access">
|
||||
<field name="name">Actions</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.actions')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions_report_custom" model="ir.model.access">
|
||||
<field name="name">Actions Report Custom</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.report.custom')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_report_custom_admin" model="ir.model.access">
|
||||
<field name="name">Actions Report Custom</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.report.custom')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions_report_xml" model="ir.model.access">
|
||||
<field name="name">Actions Report XML</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.report.xml')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_report_xml_admin" model="ir.model.access">
|
||||
<field name="name">Actions Report XML</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.report.xml')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions_act_window_view" model="ir.model.access">
|
||||
<field name="name">Actions Act Window view</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window.view')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_act_window_view_admin" model="ir.model.access">
|
||||
<field name="name">Actions Act Window view</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window.view')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions_wizard" model="ir.model.access">
|
||||
<field name="name">Actions Wizard</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.wizard')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_wizard_admin" model="ir.model.access">
|
||||
<field name="name">Actions Wizard</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.wizard')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_actions_url" model="ir.model.access">
|
||||
<field name="name">Actions URL</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.url')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_actions_url_admin" model="ir.model.access">
|
||||
<field name="name">Actions URL</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.url')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_groups" model="ir.model.access">
|
||||
<field name="name">Groups</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.groups')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_groups_admin" model="ir.model.access">
|
||||
<field name="name">Groups</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.groups')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_roles" model="ir.model.access">
|
||||
<field name="name">Roles</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.roles')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_roles_admin" model="ir.model.access">
|
||||
<field name="name">Roles</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.roles')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_lang" model="ir.model.access">
|
||||
<field name="name">Lang</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.lang')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_lang_admin" model="ir.model.access">
|
||||
<field name="name">Lang</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.lang')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_country" model="ir.model.access">
|
||||
<field name="name">Country</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.country')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_country_admin" model="ir.model.access">
|
||||
<field name="name">Country</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.country')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_country_state" model="ir.model.access">
|
||||
<field name="name">Country State</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.country.state')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_country_state_admin" model="ir.model.access">
|
||||
<field name="name">Country State</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.country.state')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_currency" model="ir.model.access">
|
||||
<field name="name">Currency</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.currency')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_currency_admin" model="ir.model.access">
|
||||
<field name="name">Currency</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.currency')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_currency_rate" model="ir.model.access">
|
||||
<field name="name">Currency Rate</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.currency.rate')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_currency_rate_admin" model="ir.model.access">
|
||||
<field name="name">Currency Rate</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.currency.rate')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_company" model="ir.model.access">
|
||||
<field name="name">Company</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.company')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_company_admin" model="ir.model.access">
|
||||
<field name="name">Company</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.company')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_res_users" model="ir.model.access">
|
||||
<field name="name">Users</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.users')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_res_users_admin" model="ir.model.access">
|
||||
<field name="name">Users</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.users')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_cron" model="ir.model.access">
|
||||
<field name="name">Cron</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.cron')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_cron_admin" model="ir.model.access">
|
||||
<field name="name">Cron</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.cron')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_model" model="ir.model.access">
|
||||
<field name="name">Model</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_model_admin" model="ir.model.access">
|
||||
<field name="name">Model</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_model_fields" model="ir.model.access">
|
||||
<field name="name">Model Fields</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.fields')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_model_fields_admin" model="ir.model.access">
|
||||
<field name="name">Model Fields</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.fields')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_model_access" model="ir.model.access">
|
||||
<field name="name">Model Access</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.access')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_model_access_admin" model="ir.model.access">
|
||||
<field name="name">Model Access</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.access')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_model_data" model="ir.model.access">
|
||||
<field name="name">Model Data</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.data')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_model_data_admin" model="ir.model.access">
|
||||
<field name="name">Model Data</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.model.data')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_report_custom" model="ir.model.access">
|
||||
<field name="name">Report Custom</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.report.custom')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_report_custom_admin" model="ir.model.access">
|
||||
<field name="name">Report Custom</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.report.custom')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_report_custom_fields" model="ir.model.access">
|
||||
<field name="name">Report Custom Fields</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.report.custom.fields')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_report_custom_fields_admin" model="ir.model.access">
|
||||
<field name="name">Report Custom Fields</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.report.custom.fields')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_rule_group" model="ir.model.access">
|
||||
<field name="name">Rule group</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.rule.group')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_rule_group_admin" model="ir.model.access">
|
||||
<field name="name">Rule group</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.rule.group')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_rule" model="ir.model.access">
|
||||
<field name="name">Rule</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.rule')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_rule_admin" model="ir.model.access">
|
||||
<field name="name">Rule</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.rule')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_sequence_type" model="ir.model.access">
|
||||
<field name="name">Sequence Type</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.sequence.type')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_sequence_type_admin" model="ir.model.access">
|
||||
<field name="name">Sequence Type</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.sequence.type')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_sequence" model="ir.model.access">
|
||||
<field name="name">Sequence</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.sequence')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_sequence_admin" model="ir.model.access">
|
||||
<field name="name">Sequence</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.sequence')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_view" model="ir.model.access">
|
||||
<field name="name">View</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.ui.view')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_view_admin" model="ir.model.access">
|
||||
<field name="name">View</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.ui.view')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_workflow" model="ir.model.access">
|
||||
<field name="name">Workflow</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_workflow_admin" model="ir.model.access">
|
||||
<field name="name">Workflow</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_workflow_activity" model="ir.model.access">
|
||||
<field name="name">Workflow Activity</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow.activity')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_workflow_activity_admin" model="ir.model.access">
|
||||
<field name="name">Workflow Activity</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow.activity')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_workflow_transition" model="ir.model.access">
|
||||
<field name="name">Workflow Transition</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow.transition')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_workflow_transition_admin" model="ir.model.access">
|
||||
<field name="name">Workflow Transition</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'workflow.transition')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_module_repository" model="ir.model.access">
|
||||
<field name="name">Module Repository</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.repository')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_module_repository_admin" model="ir.model.access">
|
||||
<field name="name">Module Repository</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.repository')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_module_category" model="ir.model.access">
|
||||
<field name="name">Module Category</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.category')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_module_category_admin" model="ir.model.access">
|
||||
<field name="name">Module Category</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.category')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_module_module" model="ir.model.access">
|
||||
<field name="name">Module</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.module')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_module_module_admin" model="ir.model.access">
|
||||
<field name="name">Module</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.module')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_module_dependency" model="ir.model.access">
|
||||
<field name="name">Module Dependency</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.module.dependency')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="False" name="perm_write"/>
|
||||
<field eval="False" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
<record id="access_module_dependency_admin" model="ir.model.access">
|
||||
<field name="name">Module Dependency</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.module.module.dependency')]"/>
|
||||
<field name="group_id" ref="group_admin"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="True" name="perm_unlink"/>
|
||||
</record>
|
||||
|
||||
<record id="access_ui_menu" model="ir.model.access">
|
||||
<field name="name">Internal Request</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'res.request')]"/>
|
||||
<field eval="True" name="perm_read"/>
|
||||
<field eval="True" name="perm_write"/>
|
||||
<field eval="True" name="perm_create"/>
|
||||
<field eval="False" name="perm_unlink"/>
|
||||
</record>
|
||||
</data>
|
||||
</terp>
|
||||
<data noupdate="1">
|
||||
|
||||
<!--
|
||||
Users Groups
|
||||
-->
|
||||
<record model="res.groups" id="group_system">
|
||||
<field name="name">System</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_erp_manager">
|
||||
<field name="name">ERP Manager</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_user">
|
||||
<field name="name">Employee</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_account_manager">
|
||||
<field name="name">Account Manager</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_request">
|
||||
<field name="name">Request</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_cron">
|
||||
<field name="name">Cron Jobs</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_extended">
|
||||
<field name="name">Extended View</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_no_one">
|
||||
<field name="name">No One</field>
|
||||
</record>
|
||||
|
||||
<!--
|
||||
Users
|
||||
-->
|
||||
<record model="res.users" id="base.user_root">
|
||||
<field name="signature">Administrator</field>
|
||||
<field name="address_id" ref="main_address"/>
|
||||
<field name="company_id" ref="main_company"/>
|
||||
<field name="action_id" ref="action_menu_admin"/>
|
||||
<field name="menu_id" ref="action_menu_admin"/>
|
||||
</record>
|
||||
|
||||
<!--
|
||||
Access
|
||||
-->
|
||||
|
||||
<!--Don't remove after-->
|
||||
<record model="ir.model.access" id="access_ir_actions_employee">
|
||||
<field name="name">ir.actions.actions Employee</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.actions')]"/>
|
||||
<field name="group_id" ref="group_user"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_ir_actions_act_window_employee">
|
||||
<field name="name">ir.actions.act_window Employee</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window')]"/>
|
||||
<field name="group_id" ref="group_user"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_ir_actions_act_window_employee">
|
||||
<field name="name">ir.actions.act_window_close System</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.act_window_close')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_ir_actions_act_window_employee">
|
||||
<field name="name">ir.actions.act_window_close System</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.report.xml')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_ir_actions_act_window_employee">
|
||||
<field name="name">ir.actions.act_window_close System</field>
|
||||
<field model="ir.model" name="model_id" search="[('model', '=', 'ir.actions.wizard')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_group_system">
|
||||
<field name="name">workflow group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_activity_group_system">
|
||||
<field name="name">workflow_activity group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow.activity')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_instance_group_system">
|
||||
<field name="name">workflow_instance group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow.instance')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_transition_group_system">
|
||||
<field name="name">workflow_transition group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow.transition')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_triggers_group_system">
|
||||
<field name="name">workflow_triggers group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow.triggers')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.model.access" id="access_workflow_workitem_group_system">
|
||||
<field name="name">workflow_workitem group_system</field>
|
||||
<field name="model_id" model="ir.model" search="[('model', '=', 'workflow.workitem')]"/>
|
||||
<field name="group_id" ref="group_system"/>
|
||||
<field name="perm_read" eval="1"/>
|
||||
<field name="perm_write" eval="0"/>
|
||||
<field name="perm_create" eval="0"/>
|
||||
<field name="perm_unlink" eval="0"/>
|
||||
</record>
|
||||
<!--Don't remove before-->
|
||||
|
||||
</data>
|
||||
</terp>
|
||||
|
|
|
@ -29,6 +29,14 @@
|
|||
</page>
|
||||
<page string="Access Rights">
|
||||
<field colspan="4" name="model_access" nolabel="1">
|
||||
<tree string="Access Rules" editable="top">
|
||||
<field name="model_id"/>
|
||||
<field name="perm_read"/>
|
||||
<field name="perm_write"/>
|
||||
<field name="perm_create"/>
|
||||
<field name="perm_unlink"/>
|
||||
<field name="name"/>
|
||||
</tree>
|
||||
<form string="Access Controls">
|
||||
<field colspan="4" name="name" select="1"/>
|
||||
<field name="model_id" select="1"/>
|
||||
|
@ -40,8 +48,17 @@
|
|||
</form>
|
||||
</field>
|
||||
</page>
|
||||
<page string="Menus">
|
||||
<field colspan="4" name="menu_access"/>
|
||||
</page>
|
||||
<page string="Rules">
|
||||
<field colspan="4" name="rule_groups" nolabel="1"/>
|
||||
<field colspan="4" name="rule_groups" nolabel="1">
|
||||
<tree string="Rules">
|
||||
<field name="name"/>
|
||||
<field name="model_id"/>
|
||||
<field name="global"/>
|
||||
</tree>
|
||||
</field>
|
||||
</page><page string="Notes">
|
||||
<field colspan="4" name="comment" nolabel="1"/>
|
||||
</page>
|
||||
|
|
|
@ -0,0 +1,73 @@
|
|||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
|
||||
access_ir_attachment_group_system,ir_attachment group_system,model_ir_attachment,group_system,1,0,0,0
|
||||
access_ir_cron_group_cron,ir_cron group_cron,model_ir_cron,group_cron,1,1,1,1
|
||||
access_ir_default_group_system,ir_default group_system,model_ir_default,group_system,1,0,0,0
|
||||
access_ir_exports_group_system,ir_exports group_system,model_ir_exports,group_system,1,0,0,0
|
||||
access_ir_exports_line_group_system,ir_exports_line group_system,model_ir_exports_line,group_system,1,0,0,0
|
||||
access_ir_model_group_system,ir_model group_system,model_ir_model,group_system,1,0,0,0
|
||||
access_ir_model_access_group_system,ir_model_access group_system,model_ir_model_access,group_system,1,0,0,0
|
||||
access_ir_model_config_group_system,ir_model_config group_system,model_ir_model_config,group_system,1,0,0,0
|
||||
access_ir_model_data_group_user,ir_model_data group_user,model_ir_model_data,group_user,1,1,0,0
|
||||
access_ir_model_fields_group_user,ir_model_fields group_user,model_ir_model_fields,group_user,1,1,0,0
|
||||
access_ir_module_category_group_user,ir_module_category group_user,model_ir_module_category,group_user,1,1,0,0
|
||||
access_ir_module_module_group_user,ir_module_module group_user,model_ir_module_module,group_user,1,1,0,0
|
||||
access_ir_module_module_configuration_step_group_system,ir_module_module_configuration_step group_system,model_ir_module_module_configuration_step,group_system,1,0,0,0
|
||||
access_ir_module_module_configuration_wizard_group_system,ir_module_module_configuration_wizard group_system,model_ir_module_module_configuration_wizard,group_system,1,0,0,0
|
||||
access_ir_module_module_dependency_group_system,ir_module_module_dependency group_system,model_ir_module_module_dependency,group_system,1,0,0,0
|
||||
access_ir_module_repository_group_system,ir_module_repository group_system,model_ir_module_repository,group_system,1,0,0,0
|
||||
access_ir_property_group_user,ir_property group_user,model_ir_property,group_user,1,0,0,0
|
||||
access_ir_report_custom_group_system,ir_report_custom group_system,model_ir_report_custom,group_system,1,0,0,0
|
||||
access_ir_report_custom_fields_group_system,ir_report_custom_fields group_system,model_ir_report_custom_fields,group_system,1,0,0,0
|
||||
access_ir_rule_group_user,ir_rule group_user,model_ir_rule,group_user,1,0,0,0
|
||||
access_ir_rule_group_group_user,ir_rule_group group_user,model_ir_rule_group,group_user,1,0,0,0
|
||||
access_ir_sequence_group_user,ir_sequence group_user,model_ir_sequence,group_user,1,0,0,0
|
||||
access_ir_sequence_type_group_user,ir_sequence_type group_user,model_ir_sequence_type,group_user,1,0,0,0
|
||||
access_ir_translation_group_system,ir_translation group_system,model_ir_translation,group_system,1,0,0,0
|
||||
access_ir_ui_menu_group_user,ir_ui_menu group_user,model_ir_ui_menu,group_user,1,0,0,0
|
||||
access_ir_ui_view_group_user,ir_ui_view group_user,model_ir_ui_view,group_user,1,0,0,0
|
||||
access_ir_ui_view_sc_group_user,ir_ui_view_sc group_user,model_ir_ui_view_sc,group_user,1,1,0,0
|
||||
access_ir_values_group_erp_manager,ir_values group_erp_manager,model_ir_values,group_erp_manager,0,1,0,0
|
||||
access_ir_values_group_user,ir_values group_user,model_ir_values,group_user,1,0,0,0
|
||||
access_wizard_ir_model_menu_create_group_system,wizard_ir_model_menu_create group_system,model_wizard_ir_model_menu_create,group_system,1,0,0,0
|
||||
access_wizard_ir_model_menu_create_line_group_system,wizard_ir_model_menu_create_line group_system,model_wizard_ir_model_menu_create_line,group_system,1,0,0,0
|
||||
access_wizard_module_lang_export_group_system,wizard_module_lang_export group_system,model_wizard_module_lang_export,group_system,1,0,0,0
|
||||
access_res_company_group_erp_manager,res_company group_erp_manager,model_res_company,group_erp_manager,1,1,1,1
|
||||
access_res_company_group_user,res_company group_user,model_res_company,group_user,1,0,0,0
|
||||
access_res_country_group_user,res_country group_user,model_res_country,group_user,1,0,0,0
|
||||
access_res_country_state_group_user,res_country_state group_user,model_res_country_state,group_user,1,0,0,0
|
||||
access_res_currency_group_user,res_currency group_user,model_res_currency,group_user,1,0,0,0
|
||||
access_res_currency_rate_group_account_manager,res_currency_rate group_account_manager,model_res_currency_rate,group_account_manager,1,1,1,1
|
||||
access_res_currency_rate_group_user,res_currency_rate group_user,model_res_currency_rate,group_user,1,0,0,0
|
||||
access_res_groups_group_erp_manager,res_groups group_erp_manager,model_res_groups,group_erp_manager,1,1,1,1
|
||||
access_res_groups_group_user,res_groups group_user,model_res_groups,group_user,1,0,0,0
|
||||
access_res_lang_group_user,res_lang group_user,model_res_lang,group_user,1,0,0,0
|
||||
access_res_partner_group_partner_manager,res_partner group_partner_manager,model_res_partner,group_partner_manager,0,0,0,1
|
||||
access_res_partner_group_user,res_partner group_user,model_res_partner,group_user,1,1,1,0
|
||||
access_res_partner_address_group_partner_manager,res_partner_address group_partner_manager,model_res_partner_address,group_partner_manager,0,0,0,1
|
||||
access_res_partner_address_group_user,res_partner_address group_user,model_res_partner_address,group_user,1,1,1,0
|
||||
access_res_partner_bank_group_user,res_partner_bank group_user,model_res_partner_bank,group_user,1,1,1,0
|
||||
access_res_partner_bank_group_partner_manager,res_partner_bank group_partner_manager,model_res_partner_bank,group_partner_manager,0,0,0,1
|
||||
access_res_partner_bank_type_group_partner_manager,res_partner_bank_type group_partner_manager,model_res_partner_bank_type,group_partner_manager,0,0,0,1
|
||||
access_res_partner_bank_type_group_user,res_partner_bank_type group_user,model_res_partner_bank_type,group_user,1,1,1,0
|
||||
access_res_partner_bank_type_field_group_partner_manager,res_partner_bank_type_field group_partner_manager,model_res_partner_bank_type_field,group_partner_manager,0,0,0,1
|
||||
access_res_partner_bank_type_field_group_user,res_partner_bank_type_field group_user,model_res_partner_bank_type_field,group_user,1,1,1,0
|
||||
access_res_partner_canal_group_user,res_partner_canal group_user,model_res_partner_canal,group_user,1,1,1,0
|
||||
access_res_partner_canal_group_partner_manager,res_partner_canal group_partner_manager,model_res_partner_canal,group_partner_manager,0,0,0,1
|
||||
access_res_partner_category_group_user,res_partner_category group_user,model_res_partner_category,group_user,1,1,1,0
|
||||
access_res_partner_category_group_partner_manager,res_partner_category group_partner_manager,model_res_partner_category,group_partner_manager,0,0,0,1
|
||||
access_res_partner_event_group_partner_manager,res_partner_event group_partner_manager,model_res_partner_event,group_partner_manager,0,0,0,1
|
||||
access_res_partner_event_group_user,res_partner_event group_user,model_res_partner_event,group_user,1,1,1,0
|
||||
access_res_partner_event_type_group_partner_manager,res_partner_event_type group_partner_manager,model_res_partner_event_type,group_partner_manager,0,0,0,1
|
||||
access_res_partner_event_type_group_user,res_partner_event_type group_user,model_res_partner_event_type,group_user,1,1,1,0
|
||||
access_res_partner_function_group_user,res_partner_function group_user,model_res_partner_function,group_user,1,1,1,0
|
||||
access_res_partner_function_group_partner_manager,res_partner_function group_partner_manager,model_res_partner_function,group_partner_manager,0,0,0,1
|
||||
access_res_partner_som_group_user,res_partner_som group_user,model_res_partner_som,group_user,1,1,1,0
|
||||
access_res_partner_som_group_partner_manager,res_partner_som group_partner_manager,model_res_partner_som,group_partner_manager,0,0,0,1
|
||||
access_res_partner_title_group_user,res_partner_title group_user,model_res_partner_title,group_user,1,1,1,0
|
||||
access_res_partner_title_group_partner_manager,res_partner_title group_partner_manager,model_res_partner_title,group_partner_manager,0,0,0,1
|
||||
access_res_request_group_user,res_request group_user,model_res_request,group_user,1,0,0,0
|
||||
access_res_request_group_request,res_request group_request,model_res_request,group_request,1,1,1,1
|
||||
access_res_request_history_group_user,res_request_history group_user,model_res_request_history,group_user,1,0,0,0
|
||||
access_res_request_link_group_user,res_request_link group_user,model_res_request_link,group_user,1,0,0,0
|
||||
access_res_users_group_user,res_users group_user,model_res_users,group_user,1,1,0,0
|
||||
access_res_users_group_erp_manager,res_users group_erp_manager,model_res_users,group_erp_manager,1,1,1,1
|
|
|
@ -965,15 +965,16 @@
|
|||
</field>
|
||||
</record>
|
||||
<record id="ir_access_act" model="ir.actions.act_window">
|
||||
<field name="name">Access controls</field>
|
||||
<field name="name">Access controls List</field>
|
||||
<field name="res_model">ir.model.access</field>
|
||||
<field name="view_type">form</field>
|
||||
<field name="view_id" ref="ir_access_view_tree"/>
|
||||
</record>
|
||||
<menuitem action="ir_access_act" id="menu_ir_access_act" parent="base.menu_security"/>
|
||||
<menuitem name="Access Conrols" id="menu_security_access" parent="menu_security"/>
|
||||
<menuitem action="ir_access_act" id="menu_ir_access_act" parent="menu_security_access"/>
|
||||
|
||||
<!-- Rules -->
|
||||
|
||||
|
||||
<record id="view_rule_group_form" model="ir.ui.view">
|
||||
<field name="name">Record rules</field>
|
||||
<field name="model">ir.rule.group</field>
|
||||
|
@ -1147,8 +1148,8 @@
|
|||
<field name="context">{'key':'server_action'}</field>
|
||||
</record>
|
||||
<menuitem action="action_server_action" id="menu_server_action" parent="base.next_id_6"/>
|
||||
|
||||
<record id="view_model_fields_tree" model="ir.ui.view">
|
||||
|
||||
<record id="view_model_fields_tree" model="ir.ui.view">
|
||||
<field name="name">ir.model.fields.tree</field>
|
||||
<field name="model">ir.model.fields</field>
|
||||
<field name="type">tree</field>
|
||||
|
@ -1161,5 +1162,42 @@
|
|||
</tree>
|
||||
</field>
|
||||
</record>
|
||||
|
||||
|
||||
<record id="ir_access_view_form" model="ir.ui.view">
|
||||
<field name="name">ir.model.access.form</field>
|
||||
<field name="model">ir.model.access</field>
|
||||
<field name="type">form</field>
|
||||
<field name="arch" type="xml">
|
||||
<form string="Access controls">
|
||||
<field colspan="4" name="name" select="1"/>
|
||||
<field name="model_id" select="1"/>
|
||||
<field name="group_id" select="1"/>
|
||||
<newline/>
|
||||
<field name="perm_read"/>
|
||||
<field name="perm_write"/>
|
||||
<field name="perm_create"/>
|
||||
<field name="perm_unlink"/>
|
||||
</form>
|
||||
</field>
|
||||
</record>
|
||||
<record id="ir_access_act" model="ir.actions.act_window">
|
||||
<field name="name">Access controls List</field>
|
||||
<field name="res_model">ir.model.access</field>
|
||||
<field name="view_type">form</field>
|
||||
<field name="view_id" ref="ir_access_view_tree"/>
|
||||
</record>
|
||||
<menuitem name="Access Conrols" id="menu_security_access" parent="menu_security"/>
|
||||
<menuitem action="ir_access_act" id="menu_ir_access_act" parent="menu_security_access"/>
|
||||
|
||||
|
||||
<record model="ir.actions.act_window" id="action_model_grid_security">
|
||||
<field name="name">Access Controls Grid</field>
|
||||
<field name="res_model">ir.model.grid</field>
|
||||
<field name="view_type">form</field>
|
||||
<field name="view_mode">tree,form</field>
|
||||
</record>
|
||||
<menuitem action="action_model_grid_security" id="menu_ir_access_grid" parent="menu_security_access"/>
|
||||
|
||||
</data>
|
||||
</terp>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# -*- encoding: utf-8 -*-
|
||||
##############################################################################
|
||||
#
|
||||
# Copyright (c) 2004-2008 TINY SPRL. (http://tiny.be) All Rights Reserved.
|
||||
# Copyright (c) 2008 Camptocamp SA
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
@ -50,13 +50,13 @@ class ir_model(osv.osv):
|
|||
'model': fields.char('Object Name', size=64, required=True, search=1),
|
||||
'info': fields.text('Information'),
|
||||
'field_id': fields.one2many('ir.model.fields', 'model_id', 'Fields', required=True),
|
||||
'state': fields.selection([('manual','Custom Object'),('base','Base Field')],'Manualy Created',readonly=1),
|
||||
'state': fields.selection([('manual','Custom Object'),('base','Base Object')],'Manualy Created',readonly=1),
|
||||
'access': fields.one2many('ir.model.access', 'model_id', 'Access'),
|
||||
}
|
||||
_defaults = {
|
||||
'model': lambda *a: 'x_',
|
||||
'state': lambda self,cr,uid,ctx={}: (ctx and ctx.get('manual',False)) and 'manual' or 'base',
|
||||
}
|
||||
|
||||
def _check_model_name(self, cr, uid, ids):
|
||||
for model in self.browse(cr, uid, ids):
|
||||
if model.state=='manual':
|
||||
|
@ -97,6 +97,97 @@ class ir_model(osv.osv):
|
|||
x_custom_model._rec_name = x_custom_model._columns.keys()[0]
|
||||
ir_model()
|
||||
|
||||
|
||||
class ir_model_grid(osv.osv):
|
||||
_name = 'ir.model.grid'
|
||||
_table = 'ir_model'
|
||||
_description = "Objects Security Grid"
|
||||
_rec_name = 'name'
|
||||
_columns = {
|
||||
'name': fields.char('Object', size=64),
|
||||
'model': fields.char('Object Name', size=64),
|
||||
}
|
||||
|
||||
def create(self, cr, uid, vals, context=None):
|
||||
raise osv.except_osv('Error !', 'You cannot add an entry to this view !')
|
||||
|
||||
def unlink(self, *args, **argv):
|
||||
raise osv.except_osv('Error !', 'You cannot add an entry to this view !')
|
||||
|
||||
def read(self, cr, uid, ids, fields=None, context=None, load='_classic_read'):
|
||||
result = super(osv.osv, self).read(cr, uid, ids, fields, context, load)
|
||||
allgr = self.pool.get('res.groups').search(cr, uid, [], context=context)
|
||||
acc_obj = self.pool.get('ir.model.access')
|
||||
for res in result:
|
||||
rules = acc_obj.search(cr, uid, [('model_id', '=', res['id'])])
|
||||
rules_br = acc_obj.browse(cr, uid, rules, context=context)
|
||||
for g in allgr:
|
||||
res['group_'+str(g)] = ''
|
||||
for rule in rules_br:
|
||||
perm_list = []
|
||||
if rule.perm_read:
|
||||
perm_list.append('r')
|
||||
if rule.perm_write:
|
||||
perm_list.append('w')
|
||||
if rule.perm_create:
|
||||
perm_list.append('c')
|
||||
if rule.perm_unlink:
|
||||
perm_list.append('u')
|
||||
perms = ",".join(perm_list)
|
||||
res['group_%i'%rule.group_id.id] = perms
|
||||
return result
|
||||
|
||||
#
|
||||
# This function do not write fields from ir.model because
|
||||
# access rights may be different for managing models and
|
||||
# access rights
|
||||
#
|
||||
def write(self, cr, uid, ids, vals, context=None):
|
||||
vals_new = vals.copy()
|
||||
acc_obj = self.pool.get('ir.model.access')
|
||||
for grid in self.browse(cr, uid, ids, context=context):
|
||||
model_id = grid.id
|
||||
perms_rel = ['read','write','create','unlink']
|
||||
for val in vals:
|
||||
if not val[:6]=='group_':
|
||||
continue
|
||||
group_id = int(val[6:])
|
||||
rules = acc_obj.search(cr, uid, [('model_id', '=', model_id),('group_id', '=', group_id)])
|
||||
if not rules:
|
||||
rules = [acc_obj.create(cr, uid, {
|
||||
'name': grid.name,
|
||||
'model_id':model_id,
|
||||
'group_id':group_id
|
||||
}) ]
|
||||
vals = dict(map(lambda x: ('perm_'+x, x[0] in (vals[val] or '')), perms_rel))
|
||||
acc_obj.write(cr, uid, rules, vals, context=context)
|
||||
return True
|
||||
|
||||
def fields_get(self, cr, uid, fields=None, context=None, read_access=True):
|
||||
result = super(ir_model_grid, self).fields_get(cr, uid, fields, context)
|
||||
groups = self.pool.get('res.groups').search(cr, uid, [])
|
||||
groups_br = self.pool.get('res.groups').browse(cr, uid, groups)
|
||||
for group in groups_br:
|
||||
result['group_%i'%group.id] = {'string': '%s'%group.name,'type': 'char','size': 7}
|
||||
return result
|
||||
|
||||
def fields_view_get(self, cr, uid, view_id=None, view_type='form', context={}, toolbar=False):
|
||||
result = super(ir_model_grid, self).fields_view_get(cr, uid, view_id, view_type, context=context, toolbar=toolbar)
|
||||
groups = self.pool.get('res.groups').search(cr, uid, [])
|
||||
groups_br = self.pool.get('res.groups').browse(cr, uid, groups)
|
||||
cols = ['model', 'name']
|
||||
xml = '''<?xml version="1.0"?>
|
||||
<%s editable="bottom">
|
||||
<field name="name" select="1" readonly="1"/>
|
||||
<field name="model" select="1" readonly="1"/>''' % (view_type,)
|
||||
for group in groups_br:
|
||||
xml += '''<field name="group_%i" sum="%s"/>''' % (group.id, group.name)
|
||||
xml += '''</%s>''' % (view_type,)
|
||||
result['arch'] = xml
|
||||
result['fields'] = self.fields_get(cr, uid, cols, context)
|
||||
return result
|
||||
ir_model_grid()
|
||||
|
||||
class ir_model_fields(osv.osv):
|
||||
_name = 'ir.model.fields'
|
||||
_description = "Fields"
|
||||
|
@ -176,7 +267,7 @@ class ir_model_access(osv.osv):
|
|||
res = False
|
||||
grouparr = group.split('.')
|
||||
if grouparr:
|
||||
cr.execute("select * from res_groups_users_rel where uid=" + str(uid) + " and gid in(select res_id from ir_model_data where module='%s' and name='%s')" % (grouparr[0], grouparr[1]))
|
||||
cr.execute("select * from res_groups_users_rel where uid=" + str(uid) + " and gid in(select res_id from ir_model_data where module=%s and name=%s)", (grouparr[0], grouparr[1],))
|
||||
r = cr.fetchall()
|
||||
if not r:
|
||||
res = False
|
||||
|
@ -186,30 +277,29 @@ class ir_model_access(osv.osv):
|
|||
res = False
|
||||
return res
|
||||
|
||||
def check_groups_by_id(self, cr, uid, group_id):
|
||||
cr.execute("select * from res_groups_users_rel where uid=%i and gid=%i", (uid, group_id,))
|
||||
r = cr.fetchall()
|
||||
if not r:
|
||||
res = False
|
||||
else:
|
||||
res = True
|
||||
return res
|
||||
|
||||
def check(self, cr, uid, model_name, mode='read',raise_exception=True):
|
||||
assert mode in ['read','write','create','unlink'], 'Invalid access mode for security'
|
||||
if uid == 1:
|
||||
# Users root have all access (Todo: exclude xml-rpc requests)
|
||||
if uid==1:
|
||||
return True
|
||||
|
||||
|
||||
assert mode in ['read','write','create','unlink'], 'Invalid access mode'
|
||||
|
||||
# We check if a specific rule exists
|
||||
cr.execute('SELECT MAX(CASE WHEN perm_'+mode+' THEN 1 else 0 END) '
|
||||
'FROM ir_model_access a '
|
||||
'JOIN ir_model m '
|
||||
'ON (a.model_id=m.id) '
|
||||
'JOIN res_groups_users_rel gu '
|
||||
'ON (gu.gid = a.group_id) '
|
||||
'WHERE m.model = %s AND gu.uid = %s', (model_name, uid,))
|
||||
'from ir_model_access a join ir_model m on (m.id=a.model_id) '
|
||||
'join res_groups_users_rel gu on (gu.gid = a.group_id) '
|
||||
'where m.model=%s and gu.uid=%s', (model_name, uid,))
|
||||
r = cr.fetchall()
|
||||
if r[0][0] == None:
|
||||
cr.execute('SELECT MAX(CASE WHEN perm_'+mode+' THEN 1 else 0 END) '
|
||||
'FROM ir_model_access a '
|
||||
'JOIN ir_model m '
|
||||
'ON (a.model_id = m.id) '
|
||||
'WHERE a.group_id IS NULL AND m.model = %s', (model_name,))
|
||||
r= cr.fetchall()
|
||||
if r[0][0] == None:
|
||||
return True # Changed waiting final rules
|
||||
#return False # by default, the user had no access
|
||||
|
||||
|
||||
if not r[0][0]:
|
||||
if raise_exception:
|
||||
msgs = {
|
||||
|
@ -218,14 +308,13 @@ class ir_model_access(osv.osv):
|
|||
'create': _('You can not create this kind of document! (%s)'),
|
||||
'unlink': _('You can not delete this document! (%s)'),
|
||||
}
|
||||
# due to the assert at the begin of the function, we will never have a KeyError
|
||||
raise except_orm(_('AccessError'), msgs[mode] % model_name )
|
||||
return r[0][0]
|
||||
|
||||
check = tools.cache()(check)
|
||||
|
||||
#
|
||||
# Methods to clean the cache on the Check Method.
|
||||
# Check rights on actions
|
||||
#
|
||||
def write(self, cr, uid, *args, **argv):
|
||||
res = super(ir_model_access, self).write(cr, uid, *args, **argv)
|
||||
|
@ -239,6 +328,10 @@ class ir_model_access(osv.osv):
|
|||
res = super(ir_model_access, self).unlink(cr, uid, *args, **argv)
|
||||
self.check()
|
||||
return res
|
||||
def read(self, cr, uid, *args, **argv):
|
||||
res = super(ir_model_access, self).read(cr, uid, *args, **argv)
|
||||
self.check()
|
||||
return res
|
||||
ir_model_access()
|
||||
|
||||
class ir_model_data(osv.osv):
|
||||
|
@ -430,6 +523,38 @@ class ir_model_data(osv.osv):
|
|||
return True
|
||||
ir_model_data()
|
||||
|
||||
class ir_model_config(osv.osv):
|
||||
_name = 'ir.model.config'
|
||||
_columns = {
|
||||
'password': fields.char('Password', size=64),
|
||||
'password_check': fields.char('confirmation', size=64),
|
||||
}
|
||||
|
||||
def action_cancel(self, cr, uid, ids, context={}):
|
||||
return {
|
||||
'view_type': 'form',
|
||||
"view_mode": 'form',
|
||||
'res_model': 'ir.module.module.configuration.wizard',
|
||||
'type': 'ir.actions.act_window',
|
||||
'target':'new',
|
||||
}
|
||||
|
||||
def action_update_pw(self, cr, uid, ids, context={}):
|
||||
res = self.read(cr,uid,ids)[0]
|
||||
root = self.pool.get('res.users').browse(cr, uid, [1])[0]
|
||||
self.unlink(cr, uid, [res['id']])
|
||||
if res['password']!=res['password_check']:
|
||||
raise except_orm(_('Error'), _("Password mismatch !"))
|
||||
elif not res['password']:
|
||||
raise except_orm(_('Error'), _("Password empty !"))
|
||||
self.pool.get('res.users').write(cr, uid, [root.id], {'password':res['password']})
|
||||
return {
|
||||
'view_type': 'form',
|
||||
"view_mode": 'form',
|
||||
'res_model': 'ir.module.module.configuration.wizard',
|
||||
'type': 'ir.actions.act_window',
|
||||
'target':'new',
|
||||
}
|
||||
ir_model_config()
|
||||
|
||||
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
<field name="name">Update Modules List</field>
|
||||
<field name="wiz_name">module.module.update</field>
|
||||
</record>
|
||||
<menuitem action="wizard_update" groups="group_admin" icon="STOCK_CONVERT" id="menu_module_update" parent="menu_management" type="wizard"/>
|
||||
<menuitem action="wizard_update" icon="STOCK_CONVERT" id="menu_module_update" parent="menu_management" type="wizard"/>
|
||||
|
||||
<wizard id="wizard_upgrade" model="ir.module.module" name="module.upgrade" string="Apply Scheduled Upgrades"/>
|
||||
<menuitem action="wizard_upgrade" id="menu_wizard_upgrade" parent="menu_management" type="wizard"/>
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
</record>
|
||||
|
||||
<menuitem id="menu_localisation" name="Localisation" parent="menu_base_config"/>
|
||||
<menuitem action="action_country" groups="group_admin" id="menu_country_partner" parent="menu_localisation"/>
|
||||
<menuitem action="action_country" id="menu_country_partner" parent="menu_localisation"/>
|
||||
|
||||
<!--
|
||||
State
|
||||
|
@ -78,7 +78,7 @@
|
|||
<field name="view_id" ref="view_country_state_tree"/>
|
||||
</record>
|
||||
|
||||
<menuitem action="action_country_state" groups="group_admin" id="menu_country_state_partner" parent="menu_localisation"/>
|
||||
<menuitem action="action_country_state" id="menu_country_state_partner" parent="menu_localisation"/>
|
||||
|
||||
</data>
|
||||
</terp>
|
|
@ -19,7 +19,7 @@
|
|||
<field name="view_type">form</field>
|
||||
<field name="view_mode">tree,form</field>
|
||||
</record>
|
||||
<menuitem id="next_id_14" name="Partner Events" parent="base.menu_base_config"/><menuitem action="res_partner_canal-act" groups="group_admin" id="menu_res_partner_canal-act" parent="next_id_14"/>
|
||||
<menuitem id="next_id_14" name="Partner Events" parent="base.menu_base_config"/><menuitem action="res_partner_canal-act" id="menu_res_partner_canal-act" parent="next_id_14"/>
|
||||
|
||||
<record id="res_partner_event_type-view" model="ir.ui.view">
|
||||
<field name="name">res.partner.event.type.form</field>
|
||||
|
@ -53,7 +53,7 @@
|
|||
<field name="view_mode">tree,form</field>
|
||||
<field name="context">{'active_test': False}</field>
|
||||
</record>
|
||||
<menuitem action="res_partner_event_type-act" groups="group_admin" id="menu_res_partner_event_type-act" parent="base.next_id_14"/>
|
||||
<menuitem action="res_partner_event_type-act" id="menu_res_partner_event_type-act" parent="base.next_id_14"/>
|
||||
|
||||
<record id="res_partner_som_tree-view" model="ir.ui.view">
|
||||
<field name="name">res.partner.som.tree</field>
|
||||
|
@ -84,7 +84,7 @@
|
|||
<field name="view_type">form</field>
|
||||
<field name="view_mode">tree,form</field>
|
||||
</record>
|
||||
<menuitem action="res_partner_som-act" groups="group_admin" id="menu_res_partner_som-act" parent="base.next_id_14"/>
|
||||
<menuitem action="res_partner_som-act" id="menu_res_partner_som-act" parent="base.next_id_14"/>
|
||||
|
||||
<record id="res_partner_event-wopartner-view_form" model="ir.ui.view">
|
||||
<field name="name">res.partner.event.form</field>
|
||||
|
|
|
@ -195,7 +195,7 @@
|
|||
<record id="res_partner_11" model="res.partner">
|
||||
<field name="name">Leclerc</field>
|
||||
<field eval="1200.00" name="credit_limit"/>
|
||||
<field name="user_id" ref="user_admin"/>
|
||||
<field name="user_id" ref="user_demo"/>
|
||||
<field eval="[(6, 0, [ref('res_partner_category_0')])]" name="category_id"/>
|
||||
</record>
|
||||
<record id="res_partner_14" model="res.partner">
|
||||
|
@ -210,7 +210,7 @@
|
|||
<field name="ean13">3020178570171</field>
|
||||
<field name="parent_id" ref="res_partner_14"/>
|
||||
<field eval="1500.00" name="credit_limit"/>
|
||||
<field name="user_id" ref="user_admin"/>
|
||||
<field name="user_id" ref="user_demo"/>
|
||||
<field eval="[(6, 0, [ref('res_partner_category_11')])]" name="category_id"/>
|
||||
</record>
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<data>
|
||||
<menuitem icon="terp-partner" id="menu_base_partner" name="Partners" sequence="0"/>
|
||||
|
||||
<menuitem groups="group_admin" id="menu_base_config" name="Configuration" parent="menu_base_partner" sequence="1"/>
|
||||
<menuitem id="menu_base_config" name="Configuration" parent="menu_base_partner" sequence="1"/>
|
||||
|
||||
<!--
|
||||
================================
|
||||
|
@ -38,7 +38,7 @@
|
|||
<field name="res_model">res.partner.function</field>
|
||||
<field name="view_type">form</field>
|
||||
</record>
|
||||
<menuitem action="action_partner_function_form" groups="group_admin" id="menu_partner_function_form" parent="base.menu_base_config"/>
|
||||
<menuitem action="action_partner_function_form" id="menu_partner_function_form" parent="base.menu_base_config"/>
|
||||
|
||||
<!--
|
||||
=====================
|
||||
|
@ -173,7 +173,7 @@
|
|||
<field name="res_model">res.partner.title</field>
|
||||
<field name="view_type">form</field>
|
||||
</record>
|
||||
<menuitem action="action_partner_title" groups="group_admin" id="menu_partner_title" parent="base.menu_base_config"/>
|
||||
<menuitem action="action_partner_title" id="menu_partner_title" parent="base.menu_base_config"/>
|
||||
|
||||
<!--
|
||||
=======================
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
<?xml version="1.0" encoding="utf-8"?><terp><data noupdate="1">
|
||||
<record model="res.groups" id="group_account_manager">
|
||||
<field name="name">Account Manager</field>
|
||||
</record>
|
||||
|
||||
<record model="res.groups" id="group_partner_manager">
|
||||
<field name="name">Partner Manager</field>
|
||||
</record>
|
||||
</data></terp>
|
|
@ -2,6 +2,7 @@
|
|||
##############################################################################
|
||||
#
|
||||
# Copyright (c) 2004-2008 TINY SPRL. (http://tiny.be) All Rights Reserved.
|
||||
# Copyright (c) 2008 Camptocamp SA
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
@ -29,6 +30,7 @@
|
|||
##############################################################################
|
||||
|
||||
from osv import fields,osv
|
||||
from osv.orm import except_orm
|
||||
import tools
|
||||
import pytz
|
||||
|
||||
|
@ -71,7 +73,8 @@ class roles(osv.osv):
|
|||
_columns = {
|
||||
'name': fields.char('Role Name', size=64, required=True),
|
||||
'parent_id': fields.many2one('res.roles', 'Parent', select=True),
|
||||
'child_id': fields.one2many('res.roles', 'parent_id', 'Childs')
|
||||
'child_id': fields.one2many('res.roles', 'parent_id', 'Childs'),
|
||||
'users': fields.many2many('res.users', 'res_roles_users_rel', 'rid', 'uid', 'Users'),
|
||||
}
|
||||
_defaults = {
|
||||
}
|
||||
|
@ -108,6 +111,7 @@ class users(osv.osv):
|
|||
'menu_id': fields.many2one('ir.actions.actions', 'Menu Action'),
|
||||
'groups_id': fields.many2many('res.groups', 'res_groups_users_rel', 'uid', 'gid', 'Groups'),
|
||||
'roles_id': fields.many2many('res.roles', 'res_roles_users_rel', 'uid', 'rid', 'Roles'),
|
||||
'rules_id': fields.many2many('ir.rule.group', 'user_rule_group_rel', 'user_id', 'rule_group_id', 'Rules'),
|
||||
'company_id': fields.many2one('res.company', 'Company'),
|
||||
'context_lang': fields.selection(_lang_get, 'Language', required=True),
|
||||
'context_tz': fields.selection(_tz_get, 'Timezone', size=64)
|
||||
|
@ -164,7 +168,7 @@ class users(osv.osv):
|
|||
|
||||
def unlink(self, cr, uid, ids):
|
||||
if 1 in ids:
|
||||
raise osv.except_osv(_('Can not remove root user!'), _('You can not remove the root user as it is used internally for resources created by Tiny ERP (updates, module installation, ...)'))
|
||||
raise osv.except_osv(_('Can not remove root user!'), _('You can not remove the admin user as it is used internally for resources created by OpenERP (updates, module installation, ...)'))
|
||||
return super(users, self).unlink(cr, uid, ids)
|
||||
|
||||
def name_search(self, cr, user, name='', args=None, operator='ilike', context=None, limit=80):
|
||||
|
@ -225,7 +229,7 @@ class users(osv.osv):
|
|||
}
|
||||
users()
|
||||
|
||||
class groups2(osv.osv):
|
||||
class groups2(osv.osv): ##FIXME: Is there a reason to inherit this object ?
|
||||
_inherit = 'res.groups'
|
||||
_columns = {
|
||||
'users': fields.many2many('res.users', 'res_groups_users_rel', 'gid', 'uid', 'Users'),
|
||||
|
@ -271,8 +275,3 @@ class res_config_view(osv.osv_memory):
|
|||
}
|
||||
|
||||
res_config_view()
|
||||
|
||||
|
||||
|
||||
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
||||
|
||||
|
|
Loading…
Reference in New Issue